Lucene search
MitsubishiCVELIST:CVE-2021-20597HistoryAug 06, 2021 - 12:00 a.m.
CVE-2021-20597
2021-08-0600:00:00
Mitsubishi
www.cve.org
Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions “26” and prior and Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions “11” and prior allows a remote unauthenticated attacker to login to the target unauthorizedly by sniffing network traffic and obtaining credentials when registering user information in the target or changing a password.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU; Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions \"26\" and prior"
},
{
"status": "affected",
"version": "Mitsubishi Electric MELSEC iQ-R series SIL2 Process CPU modules R08/16/32/120PSFCPU firmware versions \"11\" and prior"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2021-08-06 17:15:00
cve
cve
CVE-2021-20597
2021-08-06 17:15:07
nvd
nvd
CVE-2021-20597
2021-08-06 17:15:07
nessus
nessus
thn
thn
Unpatched Security Flaws Expose Mitsubishi Safety PLCs to Remote Attacks
2021-08-05 09:33:00
ics
ics
Mitsubishi Electric MELSEC iQ-R Series (Update B)
2024-04-18 12:00:00